EUVD-2026-8918

Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...

SUSE CVE-2026-25636

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

CVE-2025-36352

IBM License Metric Tool (ILMT) versions 9.2.0–9.2.40 are vulnerable to stored cross-site scripting (CXS) in the Web UI, exploitable by an authenticated user and potentially leading to credentials disclosure in a trusted session. The issue is tied to IBM’s advisory and public CVE-2025-36352 record...

Mockoon 安全漏洞

Mockoon is an interface software of mockoon open source. A security vulnerability exists in Mockoon versions prior to 9.2.0 that stems from a path traversal and local file inclusion vulnerability in the static file service configuration...

Apache Traffic Server 访问控制错误漏洞

Apache Traffic Server ATS is a suite of scalable HTTP proxy and caching servers from the Apache Foundation in the United States. A security vulnerability exists in Apache Traffic Server versions 9.2.0 through 9.2.8 and 10.0.0 through 10.0.3 that stems from improper access control...

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-24458)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the XFA setInterval method in Foxit Reader 9.2.0.9297 and earlier versions and Foxit...